User permission level file
- Organization of this page
Format
|
; Comment JP1-user:JP1-resource-group=JP1-permission-level:JP1-resource-group=JP1-permission-level:... |
Parameters by type
- Required parameters:
-
None
- Custom parameters:
-
-
JP1-user
-
JP1-resource-group
-
JP1-permission-level
-
Storage destination directory
- In Windows:
-
installation-folder\conf\user_acl\
shared-folder\jp1base\conf\user_acl\ (in a cluster system)
- In UNIX:
-
/etc/opt/jp1base/conf/user_acl/
shared-directory/jp1base/conf/user_acl/ (in a cluster system)
Description
Sets operating permissions for JP1 resource groups that JP1 users access.
Application of settings
Execute the jbsaclreload command to apply the settings. For details on the jbsaclreload command, see jbsaclreload in 15. Commands.
Definition details
A JP1 user permission level file (JP1_UserLevel) assigns a JP1 permission level to each user for operating on JP1 resource groups. Each line contains a single entry. The characters you enter must be no more than 4,096 bytes per line. The characters following the semicolon (;) and up to the next linefeed constitute a comment. Each entry consists of two or more fields delimited with a colon (:). Specify each field as explained below.
- JP1-user-name
-
Specify a JP1 user name registered on the authentication server. You can use alphanumeric characters to specify a JP1 user name but the characters must be lower case. You can enter a character string that is from 1 to 31 bytes.
- JP1-resource-group=JP1-permission-level
-
Specify a JP1 resource group and JP1 permission level (JP1 user operating permission). Specify no more than 64 bytes as the JP1 resource group.
You can specify multiple JP1 permission levels for a JP1 resource group, using commas to delimit the permission levels as in the following example: JP1_AJS_Admin,JP1_JPQ_Admin,JP1_Console_Admin.
The JP1-resource-group and JP1-permission-level parameters are described below.
- JP1-resource-group
-
A JP1 resource group is a set of entities (resources) such as jobs, jobnets, or events, that are managed together. The JP1 resource group to specify here should be determined in consultation with the manuals of JP1 products that use JP1/Base user authentication. An asterisk (*) specified in this parameter allows the JP1 user to access all JP1 resource groups. However, you cannot specify any other JP1 resource group for a JP1 user for whom you have already specified an asterisk (*).
- JP1-permission-level
-
A JP1 permission level indicates the types of operating permissions that a JP1 user holds for a management target (resource). Permissible operations depend on whether the management targets (the resources) are jobs, jobnets, events, or other entities. Operating permissions are managed as combinations of different permissions set for specific types of resources.
JP1 permission levels include JP1_AJS_Admin, JP1_JPQ_Admin and JP1_Console_Admin. The JP1 permission level to specify here should be determined in consultation with the manuals of JP1 products that use JP1/Base user authentication.
Note
The user permission level file (JP1_UserLevel) is also used for the GUI. Any information you enter in the GUI will be applied to this file.
Definition examples
jp1admin:*=JP1_AJS_Admin,JP1_JPQ_Admin,JP1_Console_Admin